How to understand and avoid “Crypto-Scams”

Many thanks to Nicolas Guedj, co-author of the article. This article targets an audience of beginners but with prior basic knowledge on cryptocurrencies.

“You see, in this world there’s two kinds of people, my friend. Those who scam and those who get scammed”

The cryptocurrency industry is comparable to a Wild West. Indeed, this industry is young and still unregulated. A first reason is the asynchronicity between the emergence of a technology and its “agenda-setting” by the regulatory authorities. But the main reason is that the blockchain architecture is “by design” made to avoid any intervention by a third party authority.

Thus, scams are extremely numerous. For example, a project called “Squid Game token” turned out to be a $3.4m scam.

We will define a crypto-scam as a project that has no clear value proposition or a misleading value proposition in order to scam investors.

We will first look at the different types of crypto-scams and how they work. Then, we will see how to recognize and avoid falling into them!

1/ The different types of crypto-scams

Generally, crypto-scams are similar to a Pump & Dump mechanism. The principle is to artificially increase the value of an asset, then resell it on the backs of investors (or steal their funds).

Very common in the traditional financial markets, the Pump & Dump has logically emerged in the world of crypto-currencies. We distinguish 2 types of Pump & Dump:

• The “Ponzis”: the user invests his capital on a project without any value proposition but the project is not a scam on the technical level
• The scams: the investment is stolen by implementing technical back-doors in the cryptocurrency smart contracts

1.1/ Ponzi schemes: 100% hype, 0% fundamental value

The Ponzi is characterized by the payment of the first arrivals by the last entrants thanks to a pyramidal mechanism.

It is sometimes difficult to consider an asset as a Ponzi or not. By definition, for all assets, the last investors fund the previous investors. The distinction then stems from the value proposition of the asset. Some will consider Bitcoin to be the biggest Ponzi in history, while others will see one of the major technological revolutions of the century.

Different mechanisms and business models are used to increase the lifetime of Ponzi tokens, such as

• The reflection tokens: The protocol uses an economic mechanism of tax that favors the purchase and constrains the sale. A part of this tax is redistributed to the token holders.
• The “node tokens”: The protocol allows to buy a “node” which offers a daily paid return in the token of the protocol. The more tokens the user holds, the more nodes he/she can buy, which creates a “virtuous circle” and thus an incentive mechanism for buying and holding.

We can add that the more the Market Cap of the project increases, the more complicated it is pay new investors. To survive, it is necessary to convince new entrants to invest. Thus, marketing strategies based on FOMO are put in place: false promises, subscription purchases on social networks, partnerships with influencers or platforms that list launches (such as Coin Sniper)…

1.2/ The scams

These scams are deployed by using the contracts of an existing token (see fork) and adding malicious mechanisms.

The most widespread techniques are :

• The “classic” rugpull

The authors first get funded by the investors during the initial launch (see ICO). Then, they use marketing strategies to create FOMO on the project.

Typical chart of a rugpull

When the capitalization of the token is high enough, the authors sell the share of the tokens they initially hold (which is usually very large). This massive sale creates a panic movement and the value of the token collapses.

• The liquidity pool rugpull

To put it simply, in order for token XYZ to be traded on a decentralized exchanges (such as PancakeSwap or Uniswap), it has to provide liquidity with the equivalent amount of asset B that forms the exchange pair, for example XYZ/BNB. This “liquidity pool” allows for the liquidity of exchanges between buyers and sellers.

This liquidity generally comes from a “reserve wallet” provided by the protocol of the project. The team will decrease this reserve when the token value will be high enough. The scammers will get BNB tokens, a token considered as a safe value.

This variant has the advantage of being more subtle than the classic rugpull.

• The honeypot

Typical chart of a honeypot

Investors buy the token when it is launched, see a skyrocketing price, and then rush to take their profits… before realizing that they cannot resell the purchased asset. Indeed, the token value keeps rising because the smart contract was designed so that no one can resell it.

2/ How to recognize a crypto-scam

In this part, we will see how to analyze a project without specific skills. We will not do a technical or economic analysis of the project because it requires high-level skills. Instead, we will look at all the quantitative and qualitative elements that allows to easily consider a project as being serious or not.

2.1/ Qualitative elements: the website and social networks

• The roadmap

A serious project implies a public roadmap over several years. A protocol that does not display any roadmap is a very bad sign.

Be careful though! A roadmap can be a way to make a scam more credible. It is always necessary to consider that a roadmap only engages its authors and it is very easy to affirm that one will implement a X or Y feature without ever actually doing it.

It is therefore more relevant to analyze the past elements of the roadmap to see if the project has achieved its previous commitments.

• The team

This may seem like a detail but knowing who is behind a project is essential. Would you lend money to someone you don’t know? The same is true in cryptocurrencies.

The team is usually shown on the project website. A serious presentation displays the members with photos, names and links to their social networks.

Again, it is easy to bring credibility to a project with well-known and reputable people in the cryptocurrency ecosystem, without them even knowing about it! So do not hesitate to further the research.

• Whitepapers and developer documentation

A serious project should provide one or more whitepapers as well as documentation for developers. These documentations are generally available on the website of the project.

It is usually more complicated to write fake documentation. A simple copy/paste on search engines allows to see if the documentation has been copied from another project.

• Security audits

A credible project performs one or more security audits. Here again, it is easy to display fake audits.

To check, you just need to go directly to the auditor’s website and search for the project to see if the audit has been performed or not.

Be careful though, even if an audit has been performed, it does not mean that the authors of the project have made the needed corrections.

A security audit made by Certik on ShibaSwap platform

• Social networks

A credible project must be present on many social networks. Crypto-scams usually insist only on the marketing strategy by creating communities on Telegram, Discord or Reddit. More serious projects have a presence on more professional networks like Github or Medium.

The commitment of a community is also a source of credibility for a project. Beyond the number of followers, it is especially the engagement rate that is relevant. An active community is a good health factor for a project. Be careful though, it is very easy to create engagement using bots. So, It is also needed to have a look on the content posted to see their quality and diversity.

It is particularly relevant to look at the content created by the administrators or moderators. Do they talk about the progression of the project or only “shilling” about the price ? You should also not hesitate to trigger the admins with tricky questions about security audits or documentation. If you get banned, then you should avoid this project!

2.2/ Quantitative elements: smart contracts and monetary policies

• The contract analysis

All cryptocurrencies created on the different blockchains can be verified via its contract. For instance, there is EtherScan for Ethereum or BscScan for the Binance Smart Chain. There are also sites that automatically analyze contracts like TokenSniffer or BSCheck.

To quickly analyze the contracts of a token:

1- Find the token via the search bar

2- Check if the number of tokens (Total Supply) and the contract of the token (Contract) correspond to what is announced on the website

3- Click on Contract, then on “txn” to check the creation date of the token

• The liquidity reserve

A serious project must have a constant or increasing liquidity. If the liquidity is decreasing, then it means that the project is no longer seeking to provide liquidity on the exchange, which is a bad sign as we saw it in the previous chapter.

The liquidity of tokens on PancakeSwap is available here

• The Circulating Supply and the Total Supply of the token

The money supply of a token is the total number of tokens available or not. We distinguish :

• The Circulating Supply: number of tokens in circulation, i.e. which can be currently bought on the market
• The Total Supply: total number of tokens which are in circulation or not.

These are very relevant mechanisms for scams. For example, it is possible to reduce the quantity in circulation to decrease the supply to artificially increase the price. The authors of the project, who hold a large part of the Total Supply, can then sell their tokens at a high price (without informing the investors).

A serious project must be completely transparent about the distribution of tokens, the Circulating Supply, and the Total Supply. It is usually described in the Whitepaper.

• The APY (Annual Percentage Yield)

Some cryptocurrencies offer staking systems with APYs that exceed 3 or 4 figures. This is attractive in theory but the economic reality is much less so.

Let’s say we invest $100 on a token offering an APY of 1000%. In theory, we should get $1100 after one year, which is 11 times the initial amount. But this means that the circulating supply of the token increases massively so its scarcity decreases. An investor is thus encouraged to sell his investment as quickly as possible, which decreases the token value.

We will thus get 1000% APY on a token which will have lost 90 or 95% of its value. The investment is not more profitable anymore !

Conclusion

The variety of crypto-scams are only matched by the imagination of their authors.

Many other kinds of scams exist but they have not been explained in this article. We can mention :

• Social engineering
• Phishing
• Fake services with payment in crypto

Finally, there is a thin line between a scam and a bad project. Some projects have high capitalizations, with strong value propositions, yet a technical or economic analysis can undermine them.

We can mention Po.et, which was a project that aimed to create a universal intellectual property registry. It was on the top 20 capitalizations in 2018. Although the project was not a scam, the protocol never worked at the technical level!

The financial chart of Po.et, ouch !

In conclusion, be aware and do your own research!

Disclaimer: None of the content in this article is investment advice. The author of the article has no partnership with the projects presented.